× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



The Redbook that is out there is clear on how to get it up and going.
http://www.redbooks.ibm.com/abstracts/sg246975.html?Open

The function doesn't enable password or profile creation/deletion
synchronization. It does allow you to remove the password from the
profile to help with password resets. If you want to synchronize
passwords then you would need the chargeable products from IBM Tivoli or
Microsoft to handle that.

The thing the Redbook doesn't do, but Patrick Botz and I got working,
was the EIM LDAP replication working between servers.

Let me know if you get lost in the Redbook....

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jack Kingsley
Sent: Monday, August 24, 2009 12:08 PM
To: Midrange Systems Technical Discussion
Subject: Re: i5/OS password sync with Windows Active Directory

Do you have any simple instructions for deploying this?? Main item I am
interested in is password sync and new profile creations. Can new
profiles
created be then mapped to a system I to be then created??

On Mon, Aug 24, 2009 at 12:58 PM, Patrick Bingham
<PBingham@xxxxxxxxxxx>wrote:

I've done several installations. Let me know if I can help point you
in
the right direction.


Patrick Bingham
Power Systems Solutions Engineer, Team Lead
IBM Certified Advanced Technical Expert - Power Systems with IBM i
MSI Systems Integrators
(w) 402.965.2381
(c) 402.212.2944
(f) 402.965.2414

Your Business.Better



-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:
midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Mike Cunningham
Sent: Monday, August 24, 2009 11:52 AM
To: 'Midrange Systems Technical Discussion'
Subject: RE: i5/OS password sync with Windows Active Directory

You could try...

Pat Botz
VP Technology and Consulting
Group8 Security, Inc.
pat.botz@xxxxxxxxxxxxxxxxxx


-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:
midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Bruce Collins
Sent: Monday, August 24, 2009 12:33 PM
To: 'Midrange Systems Technical Discussion'
Subject: RE: i5/OS password sync with Windows Active Directory

Eric (or anyone on the list), would you happen to know a person or
group
that could get us to a single signon for our iSeries and Microsoft AD?

Hoss

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx [mailto:midrange-l-
bounces@xxxxxxxxxxxx] On Behalf Of DeLong, Eric
Sent: Monday, August 24, 2009 11:19 AM
To: Midrange Systems Technical Discussion
Subject: RE: i5/OS password sync with Windows Active Directory

Are you talking about IBM EIM? This is an implementation of the
Kerberos protocol, which is used by Microsoft Active Directory for
user
authentication and resource authorization. Using EIM, you can map
profiles on i to authenticate to active directory.

EIM stands for Enterprise Identity Mapping. See:

http://publib.boulder.ibm.com/infocenter/iseries/v5r3/index.jsp?topic=
/
r
zalv/rzalvmst.htm

hth,
-Eric DeLong

-----Original Message-----
From: midrange-l-bounces@xxxxxxxxxxxx
[mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Jack Kingsley
Sent: Monday, August 24, 2009 10:45 AM
To: Midrange Systems Technical Discussion
Subject: i5/OS password sync with Windows Active Directory

Has anyone successfully installed such a solution using LDAP as a
remote
client on the ISERIES to communicate with a Windows AD Server??
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



--
This is the Midrange Systems Technical Discussion (MIDRANGE-L)
mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



This message (including any attachments) is intended only for
the use of the individual or entity to which it is addressed and
may contain information that is non-public, proprietary,
privileged, confidential, and exempt from disclosure under
applicable law or may constitute as attorney work product.
If you are not the intended recipient, you are hereby notified
that any use, dissemination, distribution, or copying of this
communication is strictly prohibited. If you have received this
communication in error, notify us immediately by telephone and
(i) destroy this message if a facsimile or (ii) delete this message
immediately if this is an electronic communication.

Thank you.

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



This message (including any attachments) is intended only for
the use of the individual or entity to which it is addressed and
may contain information that is non-public, proprietary,
privileged, confidential, and exempt from disclosure under
applicable law or may constitute as attorney work product.
If you are not the intended recipient, you are hereby notified
that any use, dissemination, distribution, or copying of this
communication is strictly prohibited. If you have received this
communication in error, notify us immediately by telephone and
(i) destroy this message if a facsimile or (ii) delete this message
immediately if this is an electronic communication.

Thank you.

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.